IETF Logo Mail Archive

Re: [secdir] [Last-Call] Secdir last call review of draft-foudil-securitytxt-08

"Salz, Rich" <rsalz@akamai.com> Tue, 31 December 2019 14:38 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0DCE12001E; Tue, 31 Dec 2019 06:38:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GE2RHk34sRWf; Tue, 31 Dec 2019 06:38:34 -0800 (PST)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [IPv6:2620:100:9005:57f::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04556120013; Tue, 31 Dec 2019 06:38:33 -0800 (PST)
Received: from pps.filterd (m0050096.ppops.net [127.0.0.1]) by m0050096.ppops.net-00190b01. (8.16.0.42/8.16.0.42) with SMTP id xBVEYgo7026314; Tue, 31 Dec 2019 14:38:32 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=jan2016.eng; bh=Jn+Ltg4rYWmzXfg0EaC6XpI72e1FZelG9/tZPtmu/ac=; b=hjutoSBSCef/Mvi4mln8/TJPd6OnzFH9U6j8AeJg3ppIWJZBw+Of7TdzLR36lBycnmPv F/Vh9NRKS/g0QMSfXuNrTRC/IiV3Y3oXweTS80i7QBp7TNKhgCi60y9n+uaTKwx141WV 5oWvGb4Gwefgp7u7IYk0p637NAZV1h8sibWSCIOQ6MdroihOO/SSeV9d8jDM8dFBuJNh wTXlzWu9KLK+38naGlV/OlDlAzpaJ7XyWnTEywT0PxICMOa5RPkG/B1Uwi7d7LxxRctn UG0FMKME5D8tyLJcEaVWGxW7N6saoJMQ4nUON/BuiUU23pLDKxR0twJWyqdxSHynWsgH 9Q==
Received: from prod-mail-ppoint2 (prod-mail-ppoint2.akamai.com [184.51.33.19] (may be forged)) by m0050096.ppops.net-00190b01. with ESMTP id 2x60beb2sh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 31 Dec 2019 14:38:32 +0000
Received: from pps.filterd (prod-mail-ppoint2.akamai.com [127.0.0.1]) by prod-mail-ppoint2.akamai.com (8.16.0.27/8.16.0.27) with SMTP id xBVEW15H025746; Tue, 31 Dec 2019 09:38:31 -0500
Received: from email.msg.corp.akamai.com ([172.27.123.30]) by prod-mail-ppoint2.akamai.com with ESMTP id 2x638yuxe9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 31 Dec 2019 09:38:31 -0500
Received: from USMA1EX-DAG1MB3.msg.corp.akamai.com (172.27.123.103) by usma1ex-dag1mb2.msg.corp.akamai.com (172.27.123.102) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 31 Dec 2019 09:38:30 -0500
Received: from USMA1EX-DAG1MB3.msg.corp.akamai.com ([172.27.123.103]) by usma1ex-dag1mb3.msg.corp.akamai.com ([172.27.123.103]) with mapi id 15.00.1473.005; Tue, 31 Dec 2019 09:38:24 -0500
From: "Salz, Rich" <rsalz@akamai.com>
To: Rob Sayre <sayrer@gmail.com>, Tero Kivinen <kivinen@iki.fi>
CC: "last-call@ietf.org" <last-call@ietf.org>, "draft-foudil-securitytxt.all@ietf.org" <draft-foudil-securitytxt.all@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Thread-Topic: [Last-Call] Secdir last call review of draft-foudil-securitytxt-08
Thread-Index: AQHVunIEOmwHJiw0sU6Xr4k62saPi6fT+wUAgABf84A=
Date: Tue, 31 Dec 2019 14:38:23 +0000
Message-ID: <31A49EAD-1399-4E1F-AFB2-D1743B8DC718@akamai.com>
References: <157720267698.19361.11750709876624228448@ietfa.amsl.com> <CAChr6SwMxi9VULdF9MKcHNqZGwX6Rv-AB72MCq2_pDmi4X2jVw@mail.gmail.com>
In-Reply-To: <CAChr6SwMxi9VULdF9MKcHNqZGwX6Rv-AB72MCq2_pDmi4X2jVw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.20.0.191208
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.117.201]
Content-Type: multipart/alternative; boundary="_000_31A49EAD13994E1FAFB2D1743B8DC718akamaicom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-12-31_04:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=620 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1911140001 definitions=main-1912310128
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-12-31_04:2019-12-30,2019-12-31 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 impostorscore=0 suspectscore=0 spamscore=0 clxscore=1011 adultscore=0 mlxlogscore=593 mlxscore=0 phishscore=0 priorityscore=1501 lowpriorityscore=0 malwarescore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1912310128
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/qWJgUAIQQ2-rOU3c3aN6gxe25k0>
Subject: Re: [secdir] [Last-Call] Secdir last call review of draft-foudil-securitytxt-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Dec 2019 14:38:36 -0000

  *   While the draft does spend some time describing the "Scope of the File", it doesn't address attacks against other parties using phone numbers or emails contained within the file.

Why is this file worse than any other file on any other web server on the Internet?

v2.23.0 | Report a Bug | By Email